package com.lanyou.cook.web;

import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.DisabledAccountException;
import org.apache.shiro.authc.IncorrectCredentialsException;
import org.apache.shiro.authc.LockedAccountException;
import org.apache.shiro.authc.UnknownAccountException;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.subject.Subject;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.RequestBody;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.web.bind.annotation.ResponseBody;

import com.google.gson.JsonObject;
import com.lanyou.cook.common.Constants;
import com.lanyou.cook.datadictionary.UserLogOpt;
import com.lanyou.cook.entity.domain.userManagement.User;
import com.lanyou.cook.service.UserLogService;
import com.lanyou.cook.service.security.UserSessionService;
import com.lanyou.cook.web.param.LoginParam;

import com.lanyou.cook.util.RSAUtil;

/**
 * 用户Session相关业务的控制层
 * @author 仇伟业
 *
 */
@Controller
@RequestMapping(Constants.BASE_URL_API)
public class UserSessionController {

	@Autowired
	private UserLogService userLogService;
	
	@Autowired
	private UserSessionService userSessionService;
	/**
	 * 用户登录
	 * @param loginParam 类型:LoginParam 登录的用户参数
	 * @return 类型:String 返回登录的结果
	 */
	@RequestMapping(value = "/login", method = RequestMethod.POST, produces = "application/json")
	@ResponseBody
	public String login(@RequestBody LoginParam loginParam) {
		JsonObject result = new JsonObject();
		Subject subject = SecurityUtils.getSubject();
		String password = "";
		try {
			//进行RSA解密
			password = RSAUtil.decryptByPrivateKey(loginParam.getPassword(), Constants.PRIVATE_KEY_BASE64);
		} catch (Exception e) {
			
		}
		UsernamePasswordToken token = new UsernamePasswordToken(loginParam.getUsername(), password);
		try {
			subject.login(token);
			
			result.addProperty("resultCode", "SUCCESS");
			userLogService.save(UserLogOpt.UserLogin, null, String.format("用户%s登录了", loginParam.getUsername()));
			
		} catch (UnknownAccountException | IncorrectCredentialsException e) {
			result.addProperty("resultCode", "USER_NAME_OR_PWD_INVAILD");
		} catch(LockedAccountException e) {
			result.addProperty("resultCode", "USER_DISALLOW");
		}catch (DisabledAccountException e) {
			result.addProperty("resultCode", "USER_UNAUTHORIZED");
		}catch (AuthenticationException e) {
			result.addProperty("resultCode", "FAILED");
		}
		
		return result.toString();
	}

	/**
	 * 用户注销
	 * @return 类型:String 用户注销重定向
	 */
	@RequestMapping(value = "/logout", method = RequestMethod.POST)
	public String logout() {
		User user = userSessionService.getCurrentAuthenticatedUser();
		if(user != null){
			userLogService.save(UserLogOpt.UserLogout, null, String.format("用户%s注销了", user.getUserCode()));
		}
		Subject subject = SecurityUtils.getSubject();
		subject.logout();
		return "redirect:/UserLogin.html";
	}
}
